Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 12:06 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 4 posts ] 
Author Message
PostPosted: Wed Jan 29, 2014 5:55 pm 
Offline

Joined: Tue Nov 04, 2008 8:55 pm
Posts: 19
Hi All,

I have just woken up to the fact that YubiRadius has been discontinued. While I have no problems with YubiRadius I'd rather move over to something which is still being developed/maintained if possible.

So are there any viable open source replacements for Radius & Yubikey & AD authentication? Looking through the companies mentioned in their post there are several good looking commercial options but not much for the open source purist/cheapskate:
  • LinOTP has a community edition however only their Enterprise edition supports Active Directory
  • RCDevs OpenOTP system sounds like it would work but is only free for under 35 users, above that you need to contact them for pricing details.
  • Mike Clark's Yubidus looks like it never really got started (post from 2009 saying it would be out in a few weeks and the Google code repository for it has been removed)
  • Sun's OpenSSO software is listed as free open source however the links are dead and searching for it leads to a $85/user page so not sure if there is an open source edition?
  • and the Yubiradius and Radius on Premise systems have been discontinued.

Are there any other open source alternatives that are worth considering? Are enough people using YubiX as a replacement that these forums would be an effective way of supporting each other (although I can't see a YubiX forum section so assume not)? Or are most people sticking with YubiRadius for now?

Cheers,
Neal.


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Mon Feb 03, 2014 8:04 pm 
Offline

Joined: Thu Mar 15, 2012 6:03 pm
Posts: 32
I'm currently using YubiRADIUS. I'd be interested to try YubiX but I simply can't find any documentation for it. In fact, I can't even figure out whether it's something like the YubiRADIUS (works out of the box as a RADIUS OTP validator) or just a platform to develop our own stuff. :geek:


Top
 Profile  
Reply with quote  
PostPosted: Thu Aug 28, 2014 4:46 pm 
Offline

Joined: Thu Apr 11, 2013 8:04 pm
Posts: 3
I have some great news. LinOTP open sourced all of their software components back in May with release 2.7. You can now use AD as your user database and there's no limit to the number of tokens created. The challenge you will now face is actually building a server. The open source version of LinOTP requires you to setup freeradius and LinOTP manually. I went through the setup this week and found a few gaps in the documentation, but ultimately got the two services talking to each other.

At the end of last year I was demoing the Enterprise Edition of LinOTP to see what it would take to get migrated off YubiRadius. During the time of my demo LSE added support for YubiCo's authentication algorithm, importing keys from the Personalization tool, and allowing auto assignments of YubiKeys. LSE was also able to add a feature request from me which populated the description field of the token view to list the key's public ID (similar to how YubiRadius lists keys). That helped me keep track of what keys were assigned to users.

Between demoing the Enterprise Edition last year and being able to build my own open source edition this week, I feel more confident in moving off of YubiRadius. With LinOTP I automatically gain support for other two-factor tokens, including time based OATH tokens like Google Authenticator. I'm looking at Google Authenticator as a method for allowing users to connect their phones & tablets to VPN. When Yubico ended support for YubiRadius they also stopped development on the YubiApp IOS/Android applications. IOS7 broke the app last year and YubiCo never officially released the Android version in the Play store. Now I think I can finally provide an alternative.


Top
 Profile  
Reply with quote  
PostPosted: Fri Sep 12, 2014 4:53 am 
Offline

Joined: Fri Sep 12, 2014 4:36 am
Posts: 5
If you are looking for a YubiRADIUS alternative or replacement, give GreenRADIUS a try. (As of November 2013, Yubico has ceased developing and supporting YubiRADIUS.) All of the same features YubiRADIUS employed are included in GreenRADIUS with additional enhancements such as:

- Hardening
- Two-factor authentication for the administrator login
- Updated Ubuntu OS

GreenRADIUS is the next generation of YubiRADIUS and was developed by the same team that is now a part of Green Rocket Security, a Yubico enterprise partner. GreenRADIUS is fully supported, will be kept current, and has a roadmap for further enhancements.

See the comparison summary file detailing the key differences between GreenRADIUS and YubiRADIUS.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group